26 Aug
2015
26 Aug
'15
9:31 p.m.
Hello,
I did analyze it a bit, but it is a rather strange situation, like
trying to allocate an already allocated chunk, which cannot really
happen due to a race in this case, being work with private memory (pkg).
Another option would be a memory overwrite, like a memcpy writing 0 over
the header of the chunk, but the fields that are 0 are in the middle of
the header structure, the other fields around (before and after) are not
0 and seem to have valid values.
So I couldn't get to a proper conclusion at that time. I will go through
it again during the next days. One option was to catch this situation
and don't crash, but throw an error.
Of course, extreme reasons would be corrupted (physical) memory or core
file, but all seems ok at least for the last option here.
Cheers,
Daniel
On 26/08/15 19:28, Alex Balashov wrote:
Hi Daniel,
Have you had a chance to look into this? If not, no worries at all, I
am just afraid maybe I missed a follow-up or a patch.
On 08/22/2015 11:49 AM, Alex Balashov wrote:
--
Daniel-Constantin Mierla
http://twitter.com/#!/miconda - http://www.linkedin.com/in/miconda
Book: SIP Routing With Kamailio - http://www.asipto.com
Daniel,
On 08/22/2015 03:55 AM, Daniel-Constantin Mierla wrote:
can you give the content for qm and frag in frame
0:
p *qm
p *frag
Of course, and thank you for looking into it!
1) *qm
(gdb) print *qm
$3 = {type = 1, size = 8388608, used = 2332928, real_used = 2817136,
max_real_used = 2833136, ffrags = 262, first_frag = 0x7ff1ac559488,
last_frag = 0x7ff1acd50fd8, free_bitmap = {282033345460158,
18014398510072385, 586595500732448793, 0 <repeats 29 times>,
1125899906843136}, free_hash = {{first = 0x0, no =
18446744073709551615}, {first = 0x7ff1ac5b64c0, no = 116}, {first =
0x7ff1ac7fe468, no = 21}, {first = 0x7ff1ac7fe8f0, no = 6}, {first =
0x7ff1ac7feca0, no = 2}, {first = 0x7ff1ac77a2a0, no = 3}, {first = 0x0,
no = 0}, {first = 0x7ff1ac7fe4f8, no = 52}, {first = 0x7ff1ac77a420, no
= 13}, {first = 0x7ff1ac7d50c8, no = 3}, {first = 0x7ff1ac803658, no =
3}, {first = 0x0, no = 0}, {first = 0x7ff1ac800aa8, no = 1}, {first =
0x7ff1ac7ff360, no = 6}, {first = 0x7ff1ac8039a8, no = 3}, {first =
0x7ff1ac8012c8, no = 1}, {first = 0x0, no = 0}, {first = 0x7ff1ac8021e8,
no = 1}, {first = 0x7ff1ac803518, no = 1}, {first = 0x7ff1ac8002d8, no =
1}, {first = 0x7ff1ac7ff030, no = 3}, {first = 0x0, no = 0}, {first =
0x7ff1ac7ffb90, no = 1}, {first = 0x0, no = 0}, {first = 0x7ff1ac803170,
no = 2}, {first = 0x0, no = 0}, {first = 0x0, no = 0}, {first = 0x0, no
= 0}, {first = 0x0, no = 0}, {first = 0x0, no = 0}, {first = 0x0, no =
0}, {first = 0x0, no = 0}, {first = 0x0, no = 0}, {first =
0x7ff1ac803268, no = 1}, {first = 0x0, no = 0}, {first = 0x0, no = 0},
{first = 0x0, no = 0}, {first = 0x0, no = 0}, {first = 0x0, no = 0},
{first = 0x7ff1ac7ffde8, no = 1}, {first = 0x0, no = 0}, {first = 0x0,
no = 0}, {first = 0x0, no = 0}, {first = 0x0, no = 0}, {first = 0x0, no
= 0}, {first = 0x0, no = 0}, {first = 0x0, no = 0}, {first = 0x0, no =
0}, {first = 0x7ff1ac800f98, no = 1}, {first = 0x0, no = 0} <repeats 15
times>, {first = 0x7ff1ac802718, no = 5}, {first = 0x0, no = 0}, {first
= 0x0, no = 0}, {first = 0x0, no = 0}, {first = 0x0, no = 0}, {first =
0x0, no = 0}, {first = 0x7ff1ac803a50, no = 1}, {first = 0x0, no = 0},
{first = 0x0, no = 0}, {first = 0x7ff1ac804348, no = 1}, {first = 0x0,
no = 0}, {first = 0x0, no = 0}, {first = 0x0, no = 0}, {first = 0x0, no
= 0}, {first = 0x0, no = 0}, {first = 0x0, no = 0}, {first =
0x7ff1ac804800, no = 1}, {first = 0x0, no = 0}, {first = 0x0, no = 0},
{first = 0x7ff1ac804cf0, no = 1}, {first = 0x0, no = 0} <repeats 34
times>, {first = 0x7ff1ac802950, no = 1}, {first = 0x0, no = 0}, {first
= 0x0, no = 0}, {first = 0x0, no = 0}, {first = 0x0, no = 0}, {first =
0x0, no = 0}, {first = 0x0, no = 0}, {first = 0x0, no = 0}, {first =
0x0, no = 0}, {first = 0x0, no = 0}, {first = 0x7ff1ac801378, no = 2},
{first = 0x0, no = 0}, {first = 0x0, no = 0}, {first = 0x7ff1ac8017b0,
no = 1}, {first = 0x7ff1ac803cb8, no = 1}, {first = 0x0, no = 0}
<repeats 34 times>, {first = 0x7ff1ac805510, no = 1}, {first =
0x7ff1ac805a80, no = 1}, {first = 0x0, no = 0}, {first = 0x0, no = 0},
{first = 0x0, no = 0}, {first = 0x0, no = 0}, {first = 0x0, no = 0},
{first = 0x0, no = 0}, {first = 0x0, no = 0}, {first = 0x0, no = 0},
{first = 0x0, no = 0}, {first = 0x7ff1ac805ff8, no = 1}, {first = 0x0,
no = 0}, {first = 0x0, no = 0}, {first = 0x7ff1ac8065c0, no = 1}, {first
= 0x0, no = 0}, {first = 0x0, no = 0}, {first = 0x0, no = 0}, {first =
0x0, no = 0}, {first = 0x0, no = 0}, {first = 0x7ff1ac806ba0, no = 1},
{first = 0x0, no = 0} <repeats 1869 times>, {first = 0x7ff1ac8071b0, no
= 1}, {first = 0x0, no = 0} <repeats 40 times>, {first = 0x7ff1ac803388,
no = 1}}}
2) *frag
(gdb) print *frag
$4 = {size = 232, u = {nxt_free = 0x0, reserved = 0}, prv_free = 0x0,
file = 0x75d29c "<core>: parser/msg_parser.c", func = 0x760150
"get_hdr_field", line = 116, check = 4042322160}
-- Alex